Terms & Conditions

For the purposes of these Terms and Conditions, the following definitions apply. The term "SmartDSR" refers to the data subject request orchestration software-as-a-service operated as a sole proprietorship. The term "Client" refers to the organization, company, or individual who subscribes to or uses SmartDSR in order to manage incoming Data Subject Requests. The term "Consumer" refers to the individual data subject who submits a request to the Client, such as a request for access, deletion, correction, or portability of their personal data.SmartDSR is designed to assist Clients in receiving, tracking, and managing Data Subject Requests in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR). The service facilitates the secure relay of request signals, the generation of audit logs, and the communication of completion statuses. SmartDSR itself does not process, collect, or permanently store personally identifiable information (PII) submitted in connection with Data Subject Requests. Any PII that transits SmartDSR does so only in a technical and temporary manner that is incidental to the functioning of the service. Clients remain at all times the sole controllers and processors of personal data, and responsibility for handling such data in compliance with applicable laws rests exclusively with the Client.When a Data Subject Request is displayed in SmartDSR as "Completed," this means that the Client’s own systems have transmitted a confirmation back to SmartDSR. The system records this confirmation within its audit log as evidence that the Client has taken action. SmartDSR does not independently validate the adequacy or legality of the Client’s handling of the request, nor does it verify whether the Client’s obligations under data protection law have been met. SmartDSR merely reflects the confirmation signal as received, together with metadata such as timestamps and event type.Audit logs generated by SmartDSR are intended to provide Clients with traceable records for accountability purposes. These logs may contain metadata regarding request actions, completion notices, and integration events. They are explicitly designed not to include any personally identifiable information belonging to Consumers. Clients may use these audit logs as part of their compliance recordkeeping, but SmartDSR makes no guarantee as to their sufficiency for any particular regulatory requirement.Clients are solely responsible for configuring and integrating SmartDSR with their own systems in a secure and compliant manner. Clients must ensure that their usage of SmartDSR complies with the GDPR, the California Consumer Privacy Act (CCPA), and any other applicable regulations. SmartDSR provides a technical tool but is not a substitute for legal advice, compliance expertise, or direct organizational responsibility. Consumers engaging with a Client's systems should understand that their relationship is with the Client, not with SmartDSR, and that SmartDSR acts only as a technical facilitator on behalf of the Client.SmartDSR is provided on an "as is" and "as available" basis. While reasonable efforts are made to maintain service continuity, SmartDSR does not guarantee uninterrupted operation, permanent availability, or freedom from technical issues. The service may be suspended, altered, or discontinued at any time for operational, security, or legal reasons. Where possible, Clients will be notified of material changes, but no liability is assumed for service interruptions.The owner of SmartDSR disclaims all warranties, whether express or implied, including warranties of merchantability, fitness for a particular purpose, and non-infringement. In no event shall SmartDSR or its owner be liable for indirect, incidental, or consequential damages, or for any loss of data, profits, or compliance arising from the use or inability to use the service. Clients acknowledge that the role of SmartDSR is limited to facilitating request workflows and providing audit records, and that ultimate responsibility for compliance, accuracy, and lawful execution of Data Subject Requests rests with the Client.These Terms are governed by and construed under the laws of the jurisdiction in which the owner of SmartDSR operates as a sole proprietorship. Any disputes arising under or in connection with these Terms shall be subject to the exclusive jurisdiction of the courts of that jurisdiction. Questions or concerns relating to these Terms or to the operation of SmartDSR may be directed to the contact information provided on the SmartDSR website.